π¨ CVE-2025-13187
A security vulnerability has been detected in Intelbras ICIP 2.0.20. Affected is an unknown function of the file /xml/sistema/acessodeusuario.xml. Such manipulation of the argument NomeUsuario/SenhaAcess leads to unprotected storage of credentials. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
π@cveNotify
A security vulnerability has been detected in Intelbras ICIP 2.0.20. Affected is an unknown function of the file /xml/sistema/acessodeusuario.xml. Such manipulation of the argument NomeUsuario/SenhaAcess leads to unprotected storage of credentials. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.
π@cveNotify
π¨ CVE-2025-63292
Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal (firmware = 1.7.20), Freebox v6 RΓ©volution r1βr3 (firmware = 4.7.x), Freebox Mini 4K (firmware = 4.7.x), and Freebox One (firmware = 4.7.x) were discovered to expose subscribers' IMSI identifiers in plaintext during the initial phase of EAP-SIM authentication over the `FreeWifi_secure` network. During the EAP-Response/Identity exchange, the subscriber's full Network Access Identifier (NAI), which embeds the raw IMSI, is transmitted without encryption, tunneling, or pseudonymization. An attacker located within Wi-Fi range (~100 meters) can passively capture these frames without requiring user interaction or elevated privileges. The disclosed IMSI enables device tracking, subscriber correlation, and long-term monitoring of user presence near any broadcasting Freebox device. The vendor acknowledged the vulnerability, and the `FreeWifi_secure` service is planned for full deactivation by 1 October 2025.
π@cveNotify
Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal (firmware = 1.7.20), Freebox v6 RΓ©volution r1βr3 (firmware = 4.7.x), Freebox Mini 4K (firmware = 4.7.x), and Freebox One (firmware = 4.7.x) were discovered to expose subscribers' IMSI identifiers in plaintext during the initial phase of EAP-SIM authentication over the `FreeWifi_secure` network. During the EAP-Response/Identity exchange, the subscriber's full Network Access Identifier (NAI), which embeds the raw IMSI, is transmitted without encryption, tunneling, or pseudonymization. An attacker located within Wi-Fi range (~100 meters) can passively capture these frames without requiring user interaction or elevated privileges. The disclosed IMSI enables device tracking, subscriber correlation, and long-term monitoring of user presence near any broadcasting Freebox device. The vendor acknowledged the vulnerability, and the `FreeWifi_secure` service is planned for full deactivation by 1 October 2025.
π@cveNotify
π¨ CVE-2025-63883
A DOM-based cross-site scripting vulnerability exists in electic-shop v1.0 (Bhabishya-123/E-commerce). The site's client-side JavaScript reads attacker-controlled input (for example, values derived from the URL or page fragment) and inserts it into the DOM via unsafe sinks (innerHTML/insertAdjacentHTML/document.write) without proper sanitization or context-aware encoding. An attacker can craft a malicious URL that, when opened by a victim, causes arbitrary JavaScript to execute in the victim's browser under the electic-shop origin.
π@cveNotify
A DOM-based cross-site scripting vulnerability exists in electic-shop v1.0 (Bhabishya-123/E-commerce). The site's client-side JavaScript reads attacker-controlled input (for example, values derived from the URL or page fragment) and inserts it into the DOM via unsafe sinks (innerHTML/insertAdjacentHTML/document.write) without proper sanitization or context-aware encoding. An attacker can craft a malicious URL that, when opened by a victim, causes arbitrary JavaScript to execute in the victim's browser under the electic-shop origin.
π@cveNotify
GitHub
security-advisories/CVE-2025-63883.md at main Β· minhajultaivin/security-advisories
XSS vulnerability in SourceCodester Student Grades Management System (CVE-2025-63892) - minhajultaivin/security-advisories
π¨ CVE-2025-63225
The Eurolab ELTS100_UBX device (firmware version ELTS100v1.UBX) is vulnerable to Broken Access Control due to missing authentication on critical administrative endpoints. Attackers can directly access and modify sensitive system and network configurations, upload firmware, and execute unauthorized actions without any form of authentication. This vulnerability allows remote attackers to fully compromise the device, control its functionality, and disrupt its operation.
π@cveNotify
The Eurolab ELTS100_UBX device (firmware version ELTS100v1.UBX) is vulnerable to Broken Access Control due to missing authentication on critical administrative endpoints. Attackers can directly access and modify sensitive system and network configurations, upload firmware, and execute unauthorized actions without any form of authentication. This vulnerability allows remote attackers to fully compromise the device, control its functionality, and disrupt its operation.
π@cveNotify
π¨ CVE-2026-1118
A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/add_activity.php. Performing a manipulation of the argument Title results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
π@cveNotify
A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/add_activity.php. Performing a manipulation of the argument Title results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
π@cveNotify
GitHub
itsourcecode Society Management System Project V1.0 /admin/add_activity.php SQL injection Β· Issue #2 Β· AriazzzZ/CVE
itsourcecode Society Management System Project V1.0 /admin/add_activity.php SQL injection NAME OF AFFECTED PRODUCT(S) Society Management System Vendor Homepage https://itsourcecode.com/free-project...
π¨ CVE-2026-1119
A flaw has been found in itsourcecode Society Management System 1.0. The affected element is an unknown function of the file /admin/delete_activity.php. Executing a manipulation of the argument activity_id can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used.
π@cveNotify
A flaw has been found in itsourcecode Society Management System 1.0. The affected element is an unknown function of the file /admin/delete_activity.php. Executing a manipulation of the argument activity_id can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used.
π@cveNotify
GitHub
itsourcecode Society Management System Project V1.0 /admin/delete_activity.php SQL injection Β· Issue #1 Β· AriazzzZ/CVE
itsourcecode Society Management System Project V1.0 /admin/delete_activity.php SQL injection NAME OF AFFECTED PRODUCT(S) Society Management System Vendor Homepage https://itsourcecode.com/free-proj...
π¨ CVE-2025-0395
When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.
π@cveNotify
When the assert() function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size.
π@cveNotify
π¨ CVE-2025-60753
An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).
π@cveNotify
An issue was discovered in libarchive bsdtar before version 3.8.1 in function apply_substitution in file tar/subst.c when processing crafted -s substitution rules. This can cause unbounded memory allocation and lead to denial of service (Out-of-Memory crash).
π@cveNotify
GitHub
CVE/CVE-2025-60753 at main Β· Papya-j/CVE
CVE Analysis. Contribute to Papya-j/CVE development by creating an account on GitHub.
π¨ CVE-2025-59392
On Elspec G5 devices through 1.2.2.19, a person with physical access to the device can reset the Admin password by inserting a USB drive (containing a publicly documented reset string) into a USB port.
π@cveNotify
On Elspec G5 devices through 1.2.2.19, a person with physical access to the device can reset the Admin password by inserting a USB drive (containing a publicly documented reset string) into a USB port.
π@cveNotify
Elspec
G5 Digital Fault Recorder & Phasor measurement unit | Elspec
The BlackBox G5 features a 24-Bit continuous acquisition at 1,024 s/c includes a modular design, centralized & decentralized architecture with a supreme time synchronization.
π¨ CVE-2025-63560
An issue in KiloView Dual Channel 4k HDMI & 3G-SDI HEVC Video Encoder Firmware v.1.20.0006 allows a remote attacker to cause a denial of service via the systemctrl API System/reFactory component.
π@cveNotify
An issue in KiloView Dual Channel 4k HDMI & 3G-SDI HEVC Video Encoder Firmware v.1.20.0006 allows a remote attacker to cause a denial of service via the systemctrl API System/reFactory component.
π@cveNotify
Kiloview - Your AV over IP Trailblazer
Breaking Boundaries β Your AV over IP Trailblazer - Kiloview
π¨ CVE-2025-63551
A Server-Side Request Forgery (SSRF) vulnerability, achievable through an XML External Entity (XXE) injection, exists in MetInfo Content Management System (CMS) thru 8.1. This flaw stems from a defect in the XML parsing logic, which allows an attacker to construct a malicious XML entity that forces the server to initiate an HTTP request to an arbitrary internal or external network address. Successful exploitation could lead to internal network reconnaissance, port scanning, or the retrieval of sensitive information. The vulnerability may be present in the backend API called by or associated with the path `/admin/#/webset/?head_tab_active=0`, where user-provided XML data is processed.
π@cveNotify
A Server-Side Request Forgery (SSRF) vulnerability, achievable through an XML External Entity (XXE) injection, exists in MetInfo Content Management System (CMS) thru 8.1. This flaw stems from a defect in the XML parsing logic, which allows an attacker to construct a malicious XML entity that forces the server to initiate an HTTP request to an arbitrary internal or external network address. Successful exploitation could lead to internal network reconnaissance, port scanning, or the retrieval of sensitive information. The vulnerability may be present in the backend API called by or associated with the path `/admin/#/webset/?head_tab_active=0`, where user-provided XML data is processed.
π@cveNotify
GitHub
GitHub - sh4ll0t/SSRF-Vulnerability-in-MetInfo-via-XXE-Injection
Contribute to sh4ll0t/SSRF-Vulnerability-in-MetInfo-via-XXE-Injection development by creating an account on GitHub.
π¨ CVE-2025-64174
Magento-lts is a long-term support alternative to Magento Community Edition (CE). Versions 20.15.0 and below are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin with direct database access or the admin notification feed source to inject malicious scripts into vulnerable fields. Unescaped translation strings and URLs are printed into contexts inside app/code/core/Mage/Adminhtml/Block/Notification/Grid/Renderer/Actions.php. A malicious translation or polluted data can inject script. This issue is fixed in version 20.16.0.
π@cveNotify
Magento-lts is a long-term support alternative to Magento Community Edition (CE). Versions 20.15.0 and below are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an admin with direct database access or the admin notification feed source to inject malicious scripts into vulnerable fields. Unescaped translation strings and URLs are printed into contexts inside app/code/core/Mage/Adminhtml/Block/Notification/Grid/Renderer/Actions.php. A malicious translation or polluted data can inject script. This issue is fixed in version 20.16.0.
π@cveNotify
GitHub
Merge commit from fork Β· OpenMage/magento-lts@9d604f5
* Escape Admin Notification Labels
* Fix hard coded js reference to notification url
* Added escape to massaction template
* Removed escape from _prepareMassaction
* Fix hard coded js reference to notification url
* Added escape to massaction template
* Removed escape from _prepareMassaction
π¨ CVE-2024-39724
IBM Db2 Big SQL on Cloud Pak for Data versions 7.6 (on CP4D 4.8), 7.7 (on CP4D 5.0), and 7.8 (on CP4D 5.1) do not properly limit the allocation of system resources. An authenticated user with internal knowledge of the environment could exploit this weakness to cause a denial of service.
π@cveNotify
IBM Db2 Big SQL on Cloud Pak for Data versions 7.6 (on CP4D 4.8), 7.7 (on CP4D 5.0), and 7.8 (on CP4D 5.1) do not properly limit the allocation of system resources. An authenticated user with internal knowledge of the environment could exploit this weakness to cause a denial of service.
π@cveNotify
Ibm
Security Bulletin: IBM Db2 Big SQL on Cloud Pak for Data is vulnerable to a denial of service due to lack of throttling on an API
IBM Db2 Big SQL 7.8 and earlier on CLoud Pak for Data 5.1 and earlier is vulnerable to a denial of service due to lack of throttling on an API
π¨ CVE-2026-0947
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal AT Internet Piano Analytics allows Cross-Site Scripting (XSS).This issue affects AT Internet Piano Analytics: from 0.0.0 before 1.0.1, from 2.0.0 before 2.3.1.
π@cveNotify
Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting") vulnerability in Drupal AT Internet Piano Analytics allows Cross-Site Scripting (XSS).This issue affects AT Internet Piano Analytics: from 0.0.0 before 1.0.1, from 2.0.0 before 2.3.1.
π@cveNotify
Drupal.org
AT Internet Piano Analytics - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-004
This module integrates the AT Internet Piano Analytics service. The module does not filter administrator-entered text leading to a persistent Cross-site Scripting (XSS) vulnerability. This vulnerability is mitigated by the fact that an attacker must haveβ¦
π¨ CVE-2026-0948
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Microsoft Entra ID SSO Login allows Privilege Escalation.This issue affects Microsoft Entra ID SSO Login: from 0.0.0 before 1.0.4.
π@cveNotify
Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Microsoft Entra ID SSO Login allows Privilege Escalation.This issue affects Microsoft Entra ID SSO Login: from 0.0.0 before 1.0.4.
π@cveNotify
Drupal.org
Microsoft Entra ID SSO Login - Critical - Access bypass - SA-CONTRIB-2026-005
This module enables Drupal sites to authenticate users via Microsoft Entra ID (formerly Azure AD) using OAuth 2.0. The module doesn't sufficiently validate API responses from Microsoft allowing complete account takeover of any user, including site administratorsβ¦
π¨ CVE-2026-1553
Incorrect Authorization vulnerability in Drupal Drupal Canvas allows Forceful Browsing.This issue affects Drupal Canvas: from 0.0.0 before 1.0.4.
π@cveNotify
Incorrect Authorization vulnerability in Drupal Drupal Canvas allows Forceful Browsing.This issue affects Drupal Canvas: from 0.0.0 before 1.0.4.
π@cveNotify
Drupal.org
Drupal Canvas - Moderately critical - Access bypass - SA-CONTRIB-2026-006
This Drupal Canvas module is a new visual page builder for Drupal. You can create reusable components that match your design system, drag them onto a page, edit content in place, preview changes across multiple pages, and undo mistakes with ease. The moduleβ¦
π¨ CVE-2024-40685
IBM Operations Analytics β Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics β Log Analysis are vulnerable to a cross-site request forgery (CSRF) vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions.
π@cveNotify
IBM Operations Analytics β Log Analysis versions 1.3.5.0 through 1.3.8.3 and IBM SmartCloud Analytics β Log Analysis are vulnerable to a cross-site request forgery (CSRF) vulnerability that could allow an attacker to trick a trusted user into performing unauthorized actions.
π@cveNotify
Ibm
Security Bulletin: IBM Operations Analytics - Log Analysis is affected by CSRF Token Replay Attack
IBM Operations Analytics β Log Analysis uses CSRF tokens to prevent unauthorised actions from being performed by an attacker on behalf of an authenticated user. CVE-2024-40685.
π¨ CVE-2024-43181
IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
π@cveNotify
IBM Concert 1.0.0 through 2.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.
π@cveNotify
Ibm
Security Bulletin: Multiple Vulnerabilities in IBM Concert Software
Multiple vulnerabilities were addressed in IBM Concert Software version 2.2.0
π¨ CVE-2025-54888
Fedify is a TypeScript library for building federated server apps powered by ActivityPub. In versions below 1.3.20, 1.4.0-dev.585 through 1.4.12, 1.5.0-dev.636 through 1.5.4, 1.6.0-dev.754 through 1.6.7, 1.7.0-pr.251.885 through 1.7.8 and 1.8.0-dev.909 through 1.8.4, an authentication bypass vulnerability allows any unauthenticated attacker to impersonate any ActivityPub actor by sending forged activities signed with their own keys. Activities are processed before verifying the signing key belongs to the claimed actor, enabling complete actor impersonation across all Fedify instances. This is fixed in versions 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9 and 1.8.5.
π@cveNotify
Fedify is a TypeScript library for building federated server apps powered by ActivityPub. In versions below 1.3.20, 1.4.0-dev.585 through 1.4.12, 1.5.0-dev.636 through 1.5.4, 1.6.0-dev.754 through 1.6.7, 1.7.0-pr.251.885 through 1.7.8 and 1.8.0-dev.909 through 1.8.4, an authentication bypass vulnerability allows any unauthenticated attacker to impersonate any ActivityPub actor by sending forged activities signed with their own keys. Activities are processed before verifying the signing key belongs to the claimed actor, enabling complete actor impersonation across all Fedify instances. This is fixed in versions 1.3.20, 1.4.13, 1.5.5, 1.6.8, 1.7.9 and 1.8.5.
π@cveNotify
GitHub
Fix critical authentication bypass vulnerability in inbox handler Β· fedify-dev/fedify@14a2f8c
This fixes a severe security vulnerability where activities were processed
before verifying that the HTTP signature key belonged to the claimed actor,
allowing attackers to impersonate any Activity...
before verifying that the HTTP signature key belonged to the claimed actor,
allowing attackers to impersonate any Activity...
π¨ CVE-2025-22873
It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open("../") would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained within the parent.
π@cveNotify
It was possible to improperly access the parent directory of an os.Root by opening a filename ending in "../". For example, Root.Open("../") would open the parent directory of the Root. This escape only permits opening the parent directory itself, not ancestors of the parent or files contained within the parent.
π@cveNotify
π¨ CVE-2025-62615
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.34, in RSSFeedBlock, the third-party library urllib.request.urlopen is used directly to access the URL, but the input URL is not filtered, which will cause SSRF vulnerability. This issue has been patched in autogpt-platform-beta-v0.6.34.
π@cveNotify
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.34, in RSSFeedBlock, the third-party library urllib.request.urlopen is used directly to access the URL, but the input URL is not filtered, which will cause SSRF vulnerability. This issue has been patched in autogpt-platform-beta-v0.6.34.
π@cveNotify
GitHub
There is an SSRF vulnerability in ReadRSSFeedBlock
### Summary
In `RSSFeedBlock`, the third-party library `urllib.request.urlopen` is used directly to access the URL, but the input URL is not filtered, which will cause SSRF vulnerability.
### D...
In `RSSFeedBlock`, the third-party library `urllib.request.urlopen` is used directly to access the URL, but the input URL is not filtered, which will cause SSRF vulnerability.
### D...